The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive following the release of fixes for zero-day vulnerabilities in Microsoft Exchange.
On 2 March 2021, Microsoft released emergency security updates to fix four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Microsoft Exchange.
In the three days since then, security experts say the same Chinese cyber espionage group has dramatically stepped up attacks on any vulnerable, unpatched Exchange servers worldwide. In the majority of incidents, the intruders left behind a “web shell” – a password-protected hacking tool, which can be accessed over the Internet from any browser. The web shell gives the attackers administrative access to the victim’s computer.
Read more on this incident here: